SSO non IDP

  

Hi all,


We are looking to do a single sign-on into Sage (Pastel).
We need to send through an AuthnRequest with embedded signature (HTTP-POST binding), so in other words a non-IDP AuthnRequest.


We have looked at the SSO app in the Forge. I made the conversion of it to P10; however, this seems to fall short of what we are trying to achieve, as it does not create the AuthnRequest with embedded signature.

Has anyone done this before, or can point us in the right direction?


Your assistance will be greatly appreciated.

It cannot be done in OutSystems itself, so you have to create an extension for it.

C# starting example:

https://msdn.microsoft.com/en-us/library/ms229745(v=vs.110).aspx

Then onwards to probably a certificate:

http://stackoverflow.com/questions/23394654/signing-a-xml-document-with-x509-certificate

You probably need the certificate as a resource and not in the keystore, because you probably are not allowed to read the store on production due to security constraints.

If you need to program this in C#, you end up with another fine issue: that C# sucks with SHA-256.

If that is the case, lemme know, because there is a hack for it.
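
An added example, not code from either poster or from OutSystems: a C# sketch of the extension logic discussed above, building a SAML 2.0 AuthnRequest with an enveloped RSA-SHA256 signature and encoding it for the HTTP-POST binding. The class and parameter names are hypothetical, the certificate is assumed to arrive as PFX bytes (a resource, not the store), and .NET Framework 4.6.2 or later is assumed, where `SignedXml` has the SHA-256 constants built in.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Text;
using System.Xml;

public static class SignedAuthnRequest // hypothetical helper name
{
    const string Samlp = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Returns the value to place in the SAMLRequest form field of the POST.
    public static string Build(byte[] pfx, string pfxPassword, string issuer, string destination, string acsUrl)
    {
        var cert = new X509Certificate2(pfx, pfxPassword); // loaded from resource bytes
        string id = "_" + Guid.NewGuid().ToString("N");    // xs:ID must not start with a digit
        var doc = new XmlDocument { PreserveWhitespace = true };
        XmlElement req = doc.CreateElement("samlp", "AuthnRequest", Samlp);
        req.SetAttribute("ID", id);
        req.SetAttribute("Version", "2.0");
        req.SetAttribute("IssueInstant", DateTime.UtcNow.ToString("yyyy-MM-dd'T'HH:mm:ss'Z'", CultureInfo.InvariantCulture));
        req.SetAttribute("Destination", destination);
        req.SetAttribute("ProtocolBinding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
        req.SetAttribute("AssertionConsumerServiceURL", acsUrl);
        XmlElement iss = doc.CreateElement("saml", "Issuer", Saml);
        iss.InnerText = issuer;
        req.AppendChild(iss);
        doc.AppendChild(req);

        // Enveloped signature over the whole request, referenced by its ID attribute.
        var signed = new SignedXml(doc) { SigningKey = cert.GetRSAPrivateKey() };
        signed.SignedInfo.CanonicalizationMethod = SignedXml.XmlDsigExcC14NTransformUrl;
        signed.SignedInfo.SignatureMethod = SignedXml.XmlDsigRSASHA256Url;
        var reference = new Reference("#" + id) { DigestMethod = SignedXml.XmlDsigSHA256Url };
        reference.AddTransform(new XmlDsigEnvelopedSignatureTransform());
        reference.AddTransform(new XmlDsigExcC14NTransform());
        signed.AddReference(reference);
        var keyInfo = new KeyInfo();
        keyInfo.AddClause(new KeyInfoX509Data(cert)); // public certificate only
        signed.KeyInfo = keyInfo;
        signed.ComputeSignature();

        // The SAML schema expects ds:Signature immediately after saml:Issuer.
        req.InsertAfter(doc.ImportNode(signed.GetXml(), true), iss);
        // HTTP-POST binding: plain base64 of the XML, no DEFLATE step.
        return Convert.ToBase64String(Encoding.UTF8.GetBytes(doc.OuterXml));
    }
}
```

Do not reserialize or pretty-print the document after `ComputeSignature()`, since any change to the signed bytes invalidates the digest; keep the PFX password out of source control and module exports.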